MozillaWiki

Privacy/Reviews/F1A: Difference between revisions

Page Discussion

Privacy/Reviews/F1A (view source)

Revision as of 23:27, 4 June 2012

132 bytes added ,  4 June 2012
→‎Follow-up Tasks and tracking
 
(8 intermediate revisions by the same user not shown)
Line 12: Line 12:
|'''Security Contact:''' || Curtis Koenig
|'''Security Contact:''' || Curtis Koenig
|-
|-
|'''Document State:''' || <section begin='status'/>{{ok|in risk analysis}}<section end='status'/>
|'''Document State:''' || <section begin='status'/>{{resolved|(18-Oct-2011) complete}}<section end='status'/>
|}
|}


Line 21: Line 21:
|'''Architectural Overview:''' || Done 7-Oct-2011
|'''Architectural Overview:''' || Done 7-Oct-2011
|-
|-
|'''Recommendation Meeting:''' || (date TBD)
|'''Recommendation Meeting:''' || Async via email
|-
|-
|'''Wrap-up Meeting:''' || (if necessary)
|'''Wrap-up Meeting:''' || (not necessary)
|}
|}


Line 478: Line 478:
''Recommendation:'' if a user has not set up Firefox to remember passwords, no passwords should be stored in localstorage by the share add-on or its webapp components (they can be retained in memory, but lost when Firefox is closed).
''Recommendation:'' if a user has not set up Firefox to remember passwords, no passwords should be stored in localstorage by the share add-on or its webapp components (they can be retained in memory, but lost when Firefox is closed).


{{ResolutionBox|{{ok|oauth tokens are stored in localStorage and are cleared when users click logout or clear browser's localStorage. Oauth tokens should be purged when users clear "active logins".}}}}
{{ResolutionBox|{{resolved|oauth tokens are stored in localStorage and are cleared when users click logout or clear browser's localStorage. Oauth tokens stored by this addon's apps are purged when users clear "active logins".}}}}


== Browsing History ==
== Browsing History ==
Line 539: Line 539:
| Various meetings and iterations.  Completed 7-Oct-2011.
| Various meetings and iterations.  Completed 7-Oct-2011.
|-
|-
| {{ok|Discuss Recommendations}}
| {{done|Discuss Recommendations}}
| Sid & Shane
| Sid & Shane
|
|
| Async via email
| Async via email
|-
|-
| {{new|verify data flow with [[#Share_Mediator_Component|SMTP and Oauth servers]]}}
| {{done|verify data flow with [[#Share_Mediator_Component|SMTP and Oauth servers]]}}
| Shane
| Mark Hammond
|
|
|
|
|-
|-
| {{new|update add-on to purge oauth tokens (via logout() call) when user clears "active logins" via browser's "clear recent history" dialog}}
| {{done|update add-on to purge oauth tokens (via logout() call) when user clears "active logins" via browser's "clear recent history" dialog}}
| Shane
| Shane
|
| {{bug|695259}}
|
|
|-
|-
| {{new|disclose URL shortening in Twitter share UI, perhaps "about url shortening" linking to [http://support.twitter.com/entries/109623]}}
| {{drop|<strike>disclose URL shortening in Twitter share UI, perhaps "about url shortening" linking to [http://support.twitter.com/entries/109623]</strike>}}
| Shane
| Shane
|
|
|
| Unnecessary, Twitter uses their own shortener.
|}
|}




[[Category:Privacy/Reviews|Template]]
[[Category:Privacy/Reviews|F1A]]
Sidstamm
canmove, Confirmed users
1,537

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/358605...437570"